Because of the threat of hacking, Medtronic is recalling some versions of its MiniMed insulin pumps. Patients may want to switch their pumps to models that are better protected against risks.
Although there have been no reports of security breaches, the Food and Drug Administration (FDA) reports that someone without authorization could potentially connect wirelessly to a pump. The settings could then be changed “to either over-deliver insulin to a patient, leading to low blood sugar [hypoglycemia], or stop insulin delivery, leading to high blood sugar and diabetic ketoacidosis,” according to the FDA.
Medtronic is recalling the 508 and Paradigm series pumps and will provide alternative, more secure devices to patients. Medtronic can be reached toll-free at 866-222-2584, or online at info.medtronicdiabetes.com/legacyexchange, if you have questions. Other models are not affected.
To minimize the risk of a cybersecurity attack while you are waiting for a replacement, the FDA recommends the following:
- Keep your insulin pump and the devices that are connected to your pump within your control at all times.
- Do not share your pump serial number.
- Be attentive to pump notifications, alarms and alerts.
- Monitor your blood glucose levels closely and act appropriately.
- Connect your Medtronic insulin pump to other Medtronic devices and software only.
- Disconnect the USB device from your computer when you are not using it to download data from your pump.
If you believe there may be a problem with your pump, you can report the problem through the MedWatch Voluntary Reporting Form. Health care personnel employed by facilities that are subject to the FDA's user-facility reporting requirements should follow the reporting procedures established by their facilities.